With the deployment of medical communication systems which transfer data from within the hospital to physician-carried mobile communication devices via public cell phone and other networks, the need for encrypting such sensitive data will become significant. In applications where patient medical data has to be further stored or processed outside the hospital, such as on a public or shared server or a cell phone system file server, there will be a need for file handling methods which preclude accessing or reassembling the patient's data other than by a password protected physician handheld.
While encryption and authentication technologies are currently available, such technologies only allow transmission of data from the encryption point to the decryption point, with no further protection offered post decryption. In instances, where data needs to be decrypted at an intermediate point for further processing (such as for message delivery or routing purposes), standard encryption techniques are not sufficient.
Current laws applicable to medical data in the USA, such as HIPAA, require that any server storing patient medical data be secure with access limitations and written agreements to control access to the data. However, in wide implementations, such controls, although systematically possible, are not fool-proof. A fool-proof system for managing such scenarios is required where, even if the security of a server is breached, data located within the server cannot be reassembled into meaningful parts.
Encryption techniques and privacy protection are primary concerns of treatment facilities as electronic data delivery improves efficient and effective emergency condition care. Treatment facilities, such as hospitals, clinics, and adult care centers, may routinely perform time-sensitive procedures related to emergency patient conditions, such as heart attacks, strokes, and other life or limb-threatening situations. Using many methods of medical data delivery to diagnose and treat the emergency conditions allows the treatment facilities to improve the timely communication of information to physicians, support teams, and transportation units, thereby improving the patient's outlook.
Treatment facilities may measure the efficiency of their actions by the time it takes medical care personnel to treat patients suffering from emergency conditions. For example, a hospital may measure the time in between encountering a patient with chest pains and treating for him/her for those symptoms. Treatment facilities may evaluate the management of patients having chest pains using a “door-to-balloon” time metric, which may represent the time period between identifying an emergency condition and abating the condition using inflated arterial balloons. Myocardial infarction, commonly known as a heart attack, is a serious condition that may often require relatively short door-to-balloon times to maintain a positive prognosis for a victim. Myocardial infarctions may be due to one or more occlusions of a coronary artery and may cause heart cells to die because of the interruption of blood supply. ST-Segment Elevated Myocardial Infarction (or “STEMI”) is an especially dangerous type of myocardial infarction that, if not treated quickly, may pose a serious threat to a patient's life. Hospitals may improve a STEMI patient's outlook by decreasing “door-to-balloon” times through more efficient internal procedures.
Clinical and regulatory bodies create performance benchmarks to guide treatment facilities in improving the efficiency of acute condition treatment. For example, such benchmarks have set a standard of care for STEMI-related conditions at a “door-to-balloon” time of 90 minutes. As another example, a theoretical target treatment time for various life or limb-threatening emergency conditions may be within 60 minutes of the occurrence of an injury or illness (i.e., the “golden hour”). However, treatment facilities may exceed such benchmarks by improving internal procedures for electronic data delivery.
Currently, treatment facilities may utilize basic technologies, such as fax and e-mail, while treating patients with emergency conditions (e.g., STEMI). For example, ambulances may use fax and/or email transmissions to deliver data from a 12-lead resting EKG device within the ambulance to either an ambulance operation control center or a hospital emergency room. However, fax and email medical data communications are intrinsically non-auditable and HIPAA non-compliant. Hospitals may also employ the Internet to communicate medical data, such as EKG data, to hospital staff within hospital emergency rooms. However, hospital-based information systems, such as the General Electric Medical® Muse® or the Philips® Tracemaster MD® EKG management solution databases may not provide an efficient way to push data to a physician.
As manual aspects of emergency condition treatment are relatively constant, such as the time required for an ambulance to physically drive a patient to a hospital or the time needed to prepare a catheterization lab, treatment facilities may improve treatment efficiency of STEMI patients through intelligent uses of technology and automated data delivery systems.